Vulnerability Description
An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the server's configuration of any already-registered agent so that the agent sends all future communications to an attacker-chosen URL. This could result in disclosure of sensitive data events from the agent about the personally identifiable information (PII) and intellectual property it monitors, and all such data could be altered or deleted before reaching the ITM Server. An attacker must first successfully obtain valid agent credentials and agent hostname. All versions prior to 7.14.3.69 are affected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Proofpoint | Insider Threat Management | < 7.14.3.69 |
Related Weaknesses (CWE)
References
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-008Broken Link
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0008Vendor Advisory
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-008Broken Link
FAQ
What is CVE-2023-4828?
CVE-2023-4828 is a vulnerability with a CVSS score of 6.4 (MEDIUM). An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the server's configuration of any already-registered agent so that t...
How severe is CVE-2023-4828?
CVE-2023-4828 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-4828?
Check the references section above for vendor advisories and patch information. Affected products include: Proofpoint Insider Threat Management.